package com.zheng.oatuhauth.controller;

import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.KeyPair;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;

/**
 * 获取RSA公钥接口
 * 把公钥暴露出来,由网关服务使用RSA的公钥来验证签名是否合法，
 */
@RestController
public class KeyPairController {
    @Autowired
    KeyPair keyPair;

    @GetMapping("/rsa/publicKey")
    public Map<String, Object> getKey() {
        RSAPublicKey rsa = (RSAPublicKey)keyPair.getPublic();
        RSAKey rsaKey = new RSAKey.Builder(rsa).build();
        return new JWKSet(rsaKey).toJSONObject();
    }
}
